Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/bfaAbBXNTIy4JkKMMcppzg8kFn8.roa
File: bfaAbBXNTIy4JkKMMcppzg8kFn8.roa (raw, json)
Hash identifier: ii1pYAckY0Wug+EbGW7SCn/HiLNypt9vsLsIQnJ0LxM=
Subject key identifier: 6D:F6:80:6C:15:CD:4C:8C:B8:26:42:8C:31:CA:69:CE:0F:24:16:7F
Certificate issuer: /CN=FC752CA59EB8EAEF23D225DC67AA085201F1F79C
Certificate serial: 89
Authority key identifier: FC:75:2C:A5:9E:B8:EA:EF:23:D2:25:DC:67:AA:08:52:01:F1:F7:9C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/_HUspZ646u8j0iXcZ6oIUgHx95w.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/bfaAbBXNTIy4JkKMMcppzg8kFn8.roa
Signing time: Wed 28 Jan 2026 08:04:09 +0000
ROA not before: Wed 28 Jan 2026 08:04:09 +0000
ROA not after: Wed 30 Dec 2026 15:30:20 +0000
asID: 152612
IP address blocks: 2402:43e0:5::/48 maxlen: 64
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137 (0x89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FC752CA59EB8EAEF23D225DC67AA085201F1F79C
Validity
Not Before: Jan 28 08:04:09 2026 GMT
Not After : Dec 30 15:30:20 2026 GMT
Subject: CN=6DF6806C15CD4C8CB826428C31CA69CE0F24167F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2e:cf:0d:55:67:11:14:1c:bd:d7:70:ba:9b:
c7:c1:cf:cf:60:e6:fa:a9:38:64:c9:3f:f7:34:35:
db:54:fb:8e:4a:0d:42:43:96:e3:2f:b8:a1:b5:cf:
b0:19:2e:6c:27:07:74:00:6d:5f:b9:d0:d5:80:3f:
c2:40:43:d1:16:36:18:7b:e7:6b:4b:1c:b8:b3:30:
44:28:39:86:9b:7b:b3:c9:55:f8:3f:4c:c8:84:98:
7d:4e:94:d3:10:11:a8:06:a0:a2:0d:cd:fe:55:ec:
fd:f3:ac:a2:53:c0:5c:0c:b8:e4:3a:34:a7:34:a0:
df:aa:7c:8d:95:2d:8b:62:66:a6:25:a8:b8:d5:51:
bd:4f:f1:43:02:bf:9b:8c:2a:78:3c:9b:93:a7:48:
f4:c9:10:c3:a0:3a:62:24:96:48:13:8c:c4:88:0d:
9c:e9:96:80:43:c8:5e:3d:b3:ad:db:43:00:1e:a6:
ca:4f:d2:7d:7f:5e:37:68:c3:a2:b8:b5:c4:8a:f1:
ae:b8:5e:ed:1e:7e:d0:09:22:8e:ae:5d:20:46:90:
6a:88:8d:fc:ac:ce:ab:f2:95:cc:96:8f:8b:6a:42:
80:d6:8b:05:8f:59:5a:24:b2:b2:f1:21:6d:4a:52:
65:f2:7d:2a:d2:96:3b:c0:e4:d4:ab:4a:7f:90:bc:
80:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F6:80:6C:15:CD:4C:8C:B8:26:42:8C:31:CA:69:CE:0F:24:16:7F
X509v3 Authority Key Identifier:
keyid:FC:75:2C:A5:9E:B8:EA:EF:23:D2:25:DC:67:AA:08:52:01:F1:F7:9C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/_HUspZ646u8j0iXcZ6oIUgHx95w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/_HUspZ646u8j0iXcZ6oIUgHx95w.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/bfaAbBXNTIy4JkKMMcppzg8kFn8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:43e0:5::/48
Signature Algorithm: sha256WithRSAEncryption
10:30:d7:99:ab:91:e1:2b:ad:e9:42:b6:9f:d0:aa:c6:05:ce:
5a:50:3b:cc:46:da:35:a8:3d:64:ee:c5:6e:e6:32:03:f6:d9:
30:e9:20:d9:a8:fc:7a:dc:eb:cd:91:9f:2a:0f:61:a0:5d:dc:
5b:7e:0b:86:91:f9:e2:36:73:c0:b9:3a:a2:29:2b:6f:71:6f:
0d:f9:c6:c3:94:77:e1:2c:6f:4b:28:c3:50:4a:2c:7b:78:43:
ef:c5:5f:f4:17:a9:bd:17:bd:a4:7c:16:52:63:46:2d:5a:e0:
93:ca:ce:ff:fb:68:69:41:7a:a5:39:5b:b4:20:45:d3:99:06:
06:63:29:fa:4b:a7:e8:e8:bf:fb:60:e2:cc:84:53:01:73:b8:
b8:29:5c:ea:1b:cc:5c:ac:8f:6a:6d:96:c2:38:60:3a:56:30:
22:06:4d:05:2a:01:61:e3:b3:b2:36:81:27:15:23:d3:1e:f0:
94:d7:3e:0c:d1:a3:0d:af:04:d1:67:a5:e3:1b:da:50:7a:c3:
5e:8e:ad:3f:41:4d:e0:3d:40:cf:38:d8:ee:43:5c:b3:f5:49:
8b:1b:73:bf:76:7b:54:c0:52:f0:55:8f:33:e2:cc:ae:17:46:
b0:c2:20:5b:c6:2d:68:6e:d8:28:89:d2:58:b8:c1:51:f0:26:
31:b9:13:ad
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICAIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkM3
NTJDQTU5RUI4RUFFRjIzRDIyNURDNjdBQTA4NTIwMUYxRjc5QzAeFw0yNjAxMjgw
ODA0MDlaFw0yNjEyMzAxNTMwMjBaMDMxMTAvBgNVBAMTKDZERjY4MDZDMTVDRDRD
OENCODI2NDI4QzMxQ0E2OUNFMEYyNDE2N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3Ls8NVWcRFBy913C6m8fBz89g5vqpOGTJP/c0NdtU+45KDUJD
luMvuKG1z7AZLmwnB3QAbV+50NWAP8JAQ9EWNhh752tLHLizMEQoOYabe7PJVfg/
TMiEmH1OlNMQEagGoKINzf5V7P3zrKJTwFwMuOQ6NKc0oN+qfI2VLYtiZqYlqLjV
Ub1P8UMCv5uMKng8m5OnSPTJEMOgOmIklkgTjMSIDZzploBDyF49s63bQwAepspP
0n1/Xjdow6K4tcSK8a64Xu0eftAJIo6uXSBGkGqIjfyszqvylcyWj4tqQoDWiwWP
WVoksrLxIW1KUmXyfSrSljvA5NSrSn+QvIC1AgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQUbfaAbBXNTIy4JkKMMcppzg8kFn8wHwYDVR0jBBgwFoAU/HUspZ646u8j0iXc
Z6oIUgHx95wwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQU9URVJO
RVQvX0hVc3BaNjQ2dThqMGlYY1o2b0lVZ0h4OTV3LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9fSFVzcFo2NDZ1OGowaVhjWjZvSVVnSHg5NXcuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BT1RFUk5FVC9iZmFBYkJYTlRJeTRK
a0tNTWNwcHpnOGtGbjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcAJAJD4AAFMA0GCSqGSIb3DQEBCwUAA4IBAQAQMNeZq5HhK63pQraf0KrGBc5a
UDvMRto1qD1k7sVu5jID9tkw6SDZqPx63OvNkZ8qD2GgXdxbfguGkfniNnPAuTqi
KStvcW8N+cbDlHfhLG9LKMNQSix7eEPvxV/0F6m9F72kfBZSY0YtWuCTys7/+2hp
QXqlOVu0IEXTmQYGYyn6S6fo6L/7YOLMhFMBc7i4KVzqG8xcrI9qbZbCOGA6VjAi
Bk0FKgFh47OyNoEnFSPTHvCU1z4M0aMNrwTRZ6XjG9pQesNejq0/QU3gPUDPONju
Q1yz9UmLG3O/dntUwFLwVY8z4syuF0awwiBbxi1obtgoidJYuMFR8CYxuROt
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:57:38 2026 by rpki-client